As is common knowledge, two-factor authentication is necessary for increasing the security of WordPress websites. Once enabled, you’ll need a one-time password generated on your phone, in addition to your existing WordPress username and password, to log into the website. WordPress has not included 2-factor authentication in the core yet but there are WordPress plugins that will easily add this layer of security to your website.